What it"s really like to negotiate with ransomware attackers
The most critical moment in a ransomware negotiation usually comes long before the victim and the hackers discuss a price......»»
Ransomware mastermind LockBitSupp reveled in his anonymity—now he’s been ID’d
The US places a $10 million bounty for the arrest of Dmitry Yuryevich Khoroshev. Enlarge / Dmitry Yuryevich Khoroshev, aka LockBitSupp (credit: UK National Crime Agency) Since at least 2019, a shadowy figure hiding behin.....»»
LockBit leader unmasked: US charges Russian national
Russian national Dmitry Khoroshev is “LockBitSupp”, the creator, developer and administator of the infamous LockBit ransomware group, according to UK, US and Australia law enforcement agencies. The US Justice Deparment has unsealed charge.....»»
The mastermind of the prolific ransomware group LockBit has finally been unmasked
The US places a $10 million bounty for the arrest of Dmitry Yuryevich Khoroshev. Enlarge / Dmitry Yuryevich Khoroshev, aka LockBitSupp (credit: UK National Crime Agency) Since at least 2019, a shadowy figure hiding behin.....»»
Ransomware operations are becoming less profitable
As the number of real (and fake) victims of ransomware gangs continues to rise, the number of ransomware payments is falling, along with the average ransom payment. The reasons behind this decrease are many: increased cyber resilience of organization.....»»
Ransomware activity is back on track despite law enforcement efforts
Despite significant disruptions for high-profile ransomware gangs LockBit and BlackCat, Q1 2024 became the most active first quarter ever recorded — a 21% increase over Q1 2023, according to Corvus Insurance. In January, Corvus reported that global.....»»
Cybercrime stats you can’t ignore
In this article, you will find excerpts from various reports that offer stats and insights about the current cybercrime landscape. Behavioral patterns of ransomware groups are changing GuidePoint Security | GRIT Q1 2024 Ransomware Report |.....»»
Novel attack against virtually all VPN apps neuters their entire purpose
TunnelVision vulnerability has existed since 2002 and may already be known to attackers. Enlarge (credit: Getty Images) Researchers have devised an attack against nearly all virtual private network applications that forc.....»»
BlackBasta claims Synlab attack, leaks some stolen documents
The BlackBasta ransomware / cyber extortion gang is behind the recent cyber attack that resulted in the temporary shutdown of operations at Synlab Italia. The group claimed the attack on their leak site on Saturday and says they have exfiltrated appr.....»»
Dropbox says attackers accessed customer and MFA info, API keys
File hosting service Dropbox has confirmed that attackers have breached the Dropbox Sign production environment and accessed customer personal and authentication information. “From a technical perspective, Dropbox Sign’s infrastructure is lar.....»»
Virsec releases security tools to offer ransomware protection
Virsec released TrustSight and TrustGuardian, its newest security tools in the fight against an ever-expanding threat environment – one where EDRs miss up to 30% of attacks, and ransomware detonates in milliseconds, according to various sources.....»»
AI-driven phishing attacks deceive even the most aware users
Vishing and deepfake phishing attacks are on the rise as attackers leverage GenAI to amplify social engineering tactics, according to Zscaler. AI automates and personalizes various aspects of the attack process AI-driven phishing attacks leverage AI.....»»
Health care giant comes clean about recent hack and paid ransom
Ransomware attack on the $371 billion company hamstrung US prescription market. Enlarge (credit: Getty Images) Change Healthcare, the health care services provider that recently experienced a ransomware attack that hamst.....»»
Palo Alto firewalls: CVE-2024-3400 exploitation and PoCs for persistence after resets/upgrades
There are proof-of-concept techniques allowing attackers to achieve persistence on Palo Alto Networks firewalls after CVE-2024-3400 has been exploited, the company has confirmed on Monday, but they are “not aware at this time of any malicious a.....»»
LSA Whisperer: Open-source tools for interacting with authentication packages
LSA Whisperer consists of open-source tools designed to interact with authentication packages through their unique messaging protocols. Support is currently provided for the cloudap, kerberos, msv1_0, negotiate, pku2u, schannel packages and cloudap.....»»
Fireblocks expands DeFi suite with threat detection features
Fireblocks introduced new security features to its DeFi suite: dApp Protection and Transaction Simulation. As the DeFi sector experiences unprecedented growth, the need for proactive security measures has never been more critical. With attackers taki.....»»
Hackers are using developing countries for ransomware practice
Businesses in Africa, Asia, and South America hit before moving on to Western targets. Enlarge (credit: Getty Images) Cyber attackers are experimenting with their latest ransomware on businesses in Africa, Asia, and Sout.....»»
Hackers are carrying out ransomware experiments in developing countries
Businesses in Africa, Asia, and South America hit before moving on to western targets. Enlarge (credit: Getty Images) Cyber attackers are experimenting with their latest ransomware on businesses in Africa, Asia and South.....»»
Secureworks enables users to view known vulnerabilities in the context of threat data
Secureworks announced the ability to integrate vulnerability risk context with threat detection to prevent attackers from exploiting known vulnerabilities and expedite response times, improving an organization’s security posture. The integration be.....»»
Global attacker median dwell time continues to fall
While the use of zero-day exploits is on the rise, Mandiant’s M-Trends 2024 report reveals a significant improvement in global cybersecurity posture: the global median dwell time – the time attackers remain undetected within a target environm.....»»
Veeam acquires Coveware to boost its ransomware protection capabilities
Veeam Software announced the acquisition of Coveware, a provider in cyber-extortion incident response. It brings ransomware recovery and first responder capabilities to further strengthen Veeam’s radical resilience solutions for customers. Coveware.....»»